VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by Jan (administrator) on PC-PENTIUM (22-05-2018 16:19:06)
Running from C:\Users\Jan\Desktop
Loaded Profiles: Jan (Available Profiles: Jan)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(TomTom) C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\Program Files (x86)\SpeedFan\speedfan.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSGPlusBTServer64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Jan\Desktop\FRSTLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3643712 2018-05-14] (Dropbox, Inc.)
HKLM-x32\...\Run: [eperjavaapp] => C:\Program Files (x86)\Fiat\ePER\j2sdk1.4.1*injavaw.exe
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-03-28] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46214128 2018-04-12] ()
HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\Run: [TomTom MySports Connect.exe] => C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe [638464 2017-11-02] (TomTom)
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SQLServer.lnk [2018-03-22]
ShortcutTarget: SQLServer.lnk -> C:\CENTURA\dbnt1sv.exe (Centura Software Corporation)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{2B2090CB-54B6-49ED-98CB-ED6B8FF71D29}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\wmaPYlos.default [2017-03-23]
FF Extension: (Avira Browser Safety) - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\wmaPYlos.default\Extensions\abs@avira.com [2017-03-23]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSearchKeyword: Default -> google.cz_
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default [2018-05-22]
CHR Extension: (Dokumenty) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-25]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-23]
CHR Extension: (Web Developer) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2017-08-19]
CHR Extension: (James White) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2017-03-23]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-23]
CHR Extension: (Avira Browser Safety) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-05-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-23]
CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-09]
CHR Extension: (No Coin - Block miners on the web!) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2018-02-26]
CHR Extension: (FormApps Extension) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-06-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-03-23]
CHR Extension: (Mapy Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-03-23]
CHR Extension: (AirMirror) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\macmgoeeggnlnmpiojbcniblabkdjphe [2017-12-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-09]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-23]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-07]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-05-12]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-05-21]
CHR Extension: (Prezentace) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-31]
CHR Extension: (Dokumenty) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-31]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-02]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-02]
CHR Extension: (Tabulky) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-31]
CHR Extension: (Avira Browser Safety) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-05-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-31]
CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-05-02]
CHR Extension: (Mapy Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-05-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-10]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-07]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-05-17]
CHR Extension: (Prezentace) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-02]
CHR Extension: (Dokumenty) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-02]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-29]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-29]
CHR Extension: (Adobe Acrobat) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-05-17]
CHR Extension: (Tabulky) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-02]
CHR Extension: (Avira Browser Safety) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-05-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-29]
CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-05-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-17]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-29]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-17]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\System Profile [2018-05-12]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2886151947-935133992-3361241069-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [879128 2018-05-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [224472 2018-05-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [224472 2018-05-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1165320 2018-05-15] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [449240 2018-03-28] (Avira Operations GmbH & Co. KG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-23] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-23] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-05-14] (Dropbox, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-05-02] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945264 2017-12-05] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusVBus; C:\Windows\System32\drivers\AsusVBus.sys [39704 2017-01-09] (Windows (R) Win 7 DDK provider)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [75576 2017-01-09] (ASUS Corporation)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [60920 2017-06-15] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [179376 2018-05-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [169864 2018-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-21] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-21] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [38048 2017-06-15] (Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [55960 2018-05-09] (REALiX(tm))
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [55960 2018-05-09] (REALiX(tm))
R3 RTL8023x64; C:\Windows\system32\DRIVERS\Rtnic64.sys [51712 2013-06-18] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
R1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-22 16:19 - 2018-05-22 16:20 - 000019253 _____ C:\Users\Jan\Desktop\FRST.txt
2018-05-22 16:03 - 2018-05-22 16:03 - 000112640 _____ (forum.viry.cz) C:\Users\Jan\Desktop\FRSTLauncher.exe
2018-05-20 09:59 - 2018-05-20 09:59 - 000065718 _____ C:\Users\Jan\Downloads\posudek_oponent.pdf
2018-05-20 09:59 - 2018-05-20 09:59 - 000065447 _____ C:\Users\Jan\Downloads\posudek_vedouci.pdf
2018-05-17 16:31 - 2018-05-17 16:31 - 000795950 _____ C:\Users\Jan\Downloads\manazerske-ucetnictvi-prednasky-2018.pdf
2018-05-17 09:40 - 2018-05-22 16:19 - 000000000 ____D C:\FRST
2018-05-17 09:36 - 2018-05-17 09:36 - 002413056 _____ (Farbar) C:\Users\Jan\Desktop\FRST64.exe
2018-05-16 18:15 - 2018-05-22 16:20 - 000642923 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-05-16 18:15 - 2018-05-17 09:25 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-05-16 18:15 - 2018-05-17 09:24 - 001363056 _____ C:\Windows\ZAM.krnl.trace
2018-05-16 18:15 - 2018-05-16 18:15 - 000000000 ____D C:\Users\Jan\AppData\Local\Zemana
2018-05-15 19:01 - 2018-05-15 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-05-14 13:45 - 2018-05-14 13:45 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-05-14 13:45 - 2018-05-14 13:45 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-05-14 13:45 - 2018-05-14 13:45 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-05-14 13:45 - 2018-05-14 13:45 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-05-11 10:39 - 2018-05-15 18:47 - 000000000 ____D C:\Program Files\Recuva
2018-05-10 18:55 - 2018-05-10 18:55 - 000000000 __SHD C:\found.001
2018-05-09 16:46 - 2018-05-09 16:46 - 000055960 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS
2018-05-09 10:50 - 2018-04-22 11:02 - 000803696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-05-09 10:50 - 2018-04-22 10:06 - 000612600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-05-09 10:50 - 2018-04-22 10:04 - 025744896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-05-09 10:50 - 2018-04-22 09:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-05-09 10:50 - 2018-04-22 09:38 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-05-09 10:50 - 2018-04-22 09:32 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-05-09 10:50 - 2018-04-22 09:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-05-09 10:50 - 2018-04-22 09:26 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-05-09 10:50 - 2018-04-22 09:24 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-05-09 10:50 - 2018-04-22 09:04 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-05-09 10:50 - 2018-04-22 09:00 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-05-09 10:50 - 2018-04-22 08:57 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-05-09 10:50 - 2018-04-22 08:54 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-05-09 10:50 - 2018-04-22 08:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-05-09 10:50 - 2018-04-22 08:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-05-09 10:50 - 2018-04-22 08:49 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-05-09 10:50 - 2018-04-22 08:48 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-05-09 10:50 - 2018-04-22 08:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-05-09 10:50 - 2018-04-22 08:33 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-05-09 10:50 - 2018-04-22 08:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-05-09 10:50 - 2018-04-22 08:31 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-05-09 10:50 - 2018-04-22 08:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-05-09 10:50 - 2018-04-22 08:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-05-09 10:50 - 2018-04-22 08:27 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-05-09 10:50 - 2018-04-22 08:26 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-05-09 10:50 - 2018-04-22 08:26 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-05-09 10:50 - 2018-04-22 08:22 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-05-09 10:50 - 2018-04-22 08:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-05-09 10:50 - 2018-04-22 08:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-05-09 10:50 - 2018-04-22 08:04 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-05-09 10:50 - 2018-04-22 08:03 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-05-09 10:50 - 2018-04-15 18:55 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-05-09 10:50 - 2018-04-15 18:16 - 000536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-05-09 10:50 - 2018-04-11 03:03 - 007406936 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-05-09 10:50 - 2018-04-11 03:02 - 001676056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-05-09 10:50 - 2018-04-11 03:02 - 001536112 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-05-09 10:50 - 2018-04-10 20:51 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-05-09 10:50 - 2018-04-10 20:27 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-05-09 10:50 - 2018-04-10 20:13 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-05-09 10:50 - 2018-04-10 19:01 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-05-09 10:50 - 2018-04-10 18:50 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-05-09 10:50 - 2018-04-07 18:17 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-05-09 10:50 - 2018-04-07 17:49 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-05-09 10:50 - 2018-04-07 17:41 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-05-09 10:50 - 2018-04-07 17:23 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-05-09 10:50 - 2018-04-07 17:20 - 001707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-05-09 10:50 - 2018-04-07 17:10 - 001344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-05-09 10:50 - 2018-04-07 17:06 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-05-09 10:50 - 2018-04-07 17:01 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-05-09 10:50 - 2018-04-06 23:27 - 000376656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2018-05-09 10:50 - 2018-03-24 17:57 - 001101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2018-05-09 10:50 - 2018-03-24 17:40 - 001171456 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2018-05-09 10:50 - 2018-03-24 17:34 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2018-05-09 10:50 - 2018-03-24 17:22 - 001086976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2018-05-09 10:50 - 2018-03-24 16:56 - 007033344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-05-09 10:50 - 2018-03-24 16:54 - 006214144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-05-09 10:50 - 2018-03-22 22:29 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-05-09 10:50 - 2018-03-22 22:29 - 000381440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-05-09 10:50 - 2018-03-16 00:29 - 000136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-05-09 10:50 - 2018-03-10 22:55 - 000137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-05-09 10:50 - 2018-03-10 21:04 - 000120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-05-09 10:50 - 2018-03-10 19:51 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-05-09 10:50 - 2018-03-10 19:50 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-05-09 10:50 - 2018-03-10 19:47 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-05-09 10:50 - 2018-03-10 19:47 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-05-09 10:50 - 2018-03-10 19:43 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-05-09 10:50 - 2018-03-10 18:46 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2018-05-09 10:50 - 2018-03-10 18:44 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-05-09 10:50 - 2018-03-10 18:35 - 000696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2018-05-09 10:50 - 2018-03-10 18:35 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-05-09 10:50 - 2018-03-10 18:33 - 003717632 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-05-09 10:50 - 2018-03-10 18:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-05-09 10:50 - 2018-03-10 18:21 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-05-09 10:50 - 2018-03-10 18:21 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-05-09 10:50 - 2018-03-10 18:20 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-05-09 10:50 - 2018-03-10 18:18 - 000726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-05-09 10:50 - 2018-03-10 18:18 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2018-05-09 10:50 - 2018-03-10 18:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-05-09 10:50 - 2018-03-10 18:18 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-05-09 10:50 - 2018-03-10 18:17 - 002240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-05-09 10:50 - 2018-03-10 18:17 - 000897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-05-09 10:50 - 2018-03-10 02:16 - 001549136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-05-09 10:50 - 2018-03-10 02:16 - 000388440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-05-09 10:50 - 2018-03-09 23:20 - 001737592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-05-09 10:50 - 2018-03-09 23:20 - 001500424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-05-09 10:50 - 2018-03-09 23:20 - 001371344 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-05-09 10:50 - 2018-03-09 23:20 - 000418640 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-05-09 10:50 - 2018-03-09 21:59 - 000121168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2018-05-09 10:50 - 2018-03-09 20:57 - 000276816 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-05-09 10:50 - 2018-03-09 16:52 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-05-09 10:50 - 2018-03-09 16:52 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-05-09 10:50 - 2018-03-09 16:52 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-05-09 10:50 - 2018-03-09 16:52 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-05-09 10:50 - 2018-03-08 21:53 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcivsp.sys
2018-05-09 10:50 - 2018-03-08 20:15 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-05-09 10:50 - 2018-03-08 20:14 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-05-09 10:50 - 2018-03-08 16:21 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-05-09 10:50 - 2018-03-08 01:46 - 000202576 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-05-09 10:50 - 2018-03-08 01:42 - 000174928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-05-09 10:50 - 2018-03-07 21:28 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2018-05-09 10:50 - 2018-03-07 20:26 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-05-09 10:50 - 2018-03-03 19:44 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-05-09 10:50 - 2018-03-03 19:04 - 000252416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-05-09 10:50 - 2018-03-03 18:24 - 001725952 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2018-05-09 10:50 - 2018-03-03 18:18 - 000894976 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2018-05-09 10:50 - 2018-03-03 18:18 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\msdtcuiu.dll
2018-05-09 10:50 - 2018-03-03 18:15 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2018-05-09 10:50 - 2018-03-03 18:04 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2018-05-09 10:50 - 2018-03-03 18:04 - 000265728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcuiu.dll
2018-05-09 10:50 - 2018-02-14 23:45 - 001308336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-05-09 10:50 - 2018-02-14 16:47 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-05-09 10:50 - 2018-02-10 03:29 - 000531632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-05-09 10:50 - 2018-02-10 03:25 - 001137872 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-05-09 10:50 - 2018-02-09 19:21 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-05-09 10:50 - 2018-02-08 20:53 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2018-05-09 10:50 - 2018-02-08 20:22 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2018-05-09 10:50 - 2018-02-08 20:21 - 000826368 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2018-05-09 10:50 - 2018-02-08 20:18 - 000260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2018-05-09 10:50 - 2018-02-08 20:18 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2018-05-09 10:50 - 2018-02-08 20:03 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2018-05-09 10:50 - 2018-02-08 19:49 - 000289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2018-05-09 10:50 - 2018-02-08 19:42 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2018-05-09 10:50 - 2018-02-08 19:42 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2018-05-09 10:50 - 2018-02-08 19:40 - 001096192 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2018-05-09 10:50 - 2018-02-08 19:38 - 000866304 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2018-05-09 10:50 - 2018-02-08 19:27 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2018-05-09 10:50 - 2018-02-08 19:24 - 000199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2018-05-09 10:50 - 2018-02-08 19:03 - 000664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2018-05-09 10:50 - 2018-02-08 19:03 - 000167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2018-05-09 10:50 - 2018-01-25 16:19 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-05-09 10:50 - 2018-01-25 16:14 - 000922944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-04-24 14:06 - 2018-03-16 20:51 - 000144000 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-04-24 14:06 - 2018-03-14 15:23 - 001993728 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-04-24 14:06 - 2018-03-14 15:23 - 001559552 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000656384 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-22 14:19 - 2014-11-21 06:13 - 001739092 _____ C:\Windows\system32\PerfStringBackup.INI
2018-05-22 14:19 - 2014-11-21 05:17 - 000733268 _____ C:\Windows\system32\perfh005.dat
2018-05-22 14:19 - 2014-11-21 05:17 - 000148614 _____ C:\Windows\system32\perfc005.dat
2018-05-22 14:19 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-05-22 14:13 - 2017-11-01 22:31 - 000000406 _____ C:\Windows\Tasks\update-sys.job
2018-05-22 13:25 - 2017-03-23 11:13 - 000000924 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-05-22 13:23 - 2017-11-01 22:31 - 000000406 _____ C:\Windows\Tasks\update-S-1-5-21-2886151947-935133992-3361241069-1001.job
2018-05-22 12:45 - 2017-03-23 11:25 - 000000000 ___RD C:\Users\Jan\Disk Google
2018-05-22 12:45 - 2017-03-23 11:08 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2018-05-22 12:45 - 2017-03-23 00:35 - 000000000 ___DO C:\Users\Jan\OneDrive
2018-05-22 12:44 - 2018-03-17 18:13 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2018-05-22 12:41 - 2017-03-23 11:13 - 000000920 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-05-20 10:35 - 2017-03-23 00:27 - 000000000 ____D C:\Users\Jan\AppData\Local\Packages
2018-05-19 20:19 - 2017-03-23 11:13 - 000003896 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2018-05-19 20:19 - 2017-03-23 11:13 - 000003660 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2018-05-17 09:47 - 2017-03-23 00:45 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2886151947-935133992-3361241069-1001
2018-05-17 08:54 - 2017-03-23 20:33 - 000000000 ____D C:\Users\Jan\AppData\Roaming\vlc
2018-05-16 23:00 - 2017-03-23 10:55 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-16 23:00 - 2017-03-23 10:55 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-16 18:19 - 2017-03-23 00:27 - 000000000 ____D C:\Users\Jan
2018-05-16 00:10 - 2017-03-23 10:57 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-15 23:57 - 2017-05-01 14:10 - 000000000 ____D C:\Program Files (x86)\Steam
2018-05-15 19:01 - 2017-03-23 11:13 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-05-15 18:47 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-05-15 12:59 - 2017-03-28 22:50 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-05-15 12:58 - 2018-03-21 17:47 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-15 12:57 - 2017-03-23 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-05-15 12:53 - 2017-03-23 11:10 - 000179376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2018-05-15 12:53 - 2017-03-23 11:10 - 000169864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2018-05-12 14:16 - 2017-03-23 23:51 - 001082880 ___SH C:\Users\Jan\Desktop\Thumbs.db
2018-05-12 13:41 - 2017-03-23 23:38 - 000000000 ____D C:\Users\Jan\AppData\Roaming\TeamViewer
2018-05-12 13:39 - 2018-03-18 12:01 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-05-12 13:39 - 2017-03-23 23:20 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-05-11 10:41 - 2017-03-23 11:07 - 000001914 _____ C:\Users\Jan\Desktop\FileZilla Client.lnk
2018-05-10 19:00 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-05-09 11:32 - 2013-08-22 16:44 - 005062936 _____ C:\Windows\system32\FNTCACHE.DAT
2018-05-09 11:30 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-05-09 11:28 - 2017-05-01 20:20 - 000000000 ____D C:\Windows\system32\appraiser
2018-05-09 11:28 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2018-05-09 11:27 - 2017-03-23 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-05-09 11:25 - 2017-03-24 00:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2018-05-09 11:25 - 2017-03-24 00:05 - 000000000 ____D C:\Program Files\HWiNFO64
2018-05-09 11:12 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-05-09 11:05 - 2017-05-01 19:55 - 000000000 ____D C:\Windows\system32\MRT
2018-05-09 11:05 - 2013-08-22 15:25 - 000000167 _____ C:\Windows\win.ini
2018-05-09 10:59 - 2017-10-26 10:02 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-05-09 10:59 - 2017-05-01 19:54 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-05-08 14:27 - 2017-04-12 23:01 - 000000000 ____D C:\Users\Jan\AppData\Roaming\FileZilla
2018-05-08 13:04 - 2017-03-23 11:07 - 000000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2018-05-08 13:04 - 2017-03-23 11:07 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2018-05-07 07:13 - 2017-03-23 00:54 - 000000000 ____D C:\ProgramData\Package Cache
2018-05-06 20:48 - 2017-09-27 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-05-01 00:39 - 2017-05-01 20:27 - 000835064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-05-01 00:39 - 2017-05-01 20:27 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2017-04-20 10:13 - 2018-03-25 00:06 - 000000132 _____ () C:\Users\Jan\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2018-02-16 12:20 - 2002-08-29 19:33 - 000319488 ____R () C:\Users\Jan\AppData\Roaming\MafiaSetup.exe
2018-02-18 22:04 - 2018-02-18 22:04 - 000007604 _____ () C:\Users\Jan\AppData\Local\Resmon.ResmonCfg
2017-11-01 22:31 - 2017-11-01 22:31 - 000000003 _____ () C:\Users\Jan\AppData\Local\updater.log
2017-11-01 22:31 - 2017-11-01 22:31 - 000000425 _____ () C:\Users\Jan\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
2018-05-16 17:59 - 2018-05-17 02:25 - 000108144 _____ (Sony DADC Austria AG.) C:\Users\Jan\AppData\Local\Temp\CmdLineExt.dll
2018-05-16 17:59 - 2018-05-17 02:25 - 000065536 _____ (Sony DADC Austria AG) C:\Users\Jan\AppData\Local\Temp\drm_dialogs.dll
2017-03-23 11:09 - 2018-05-22 12:47 - 000192512 _____ () C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll
2018-05-15 19:28 - 2018-05-22 12:47 - 000158720 _____ () C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2886151947-935133992-3361241069-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jan\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-05-22.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-23-2018
# Duration: 00:00:09
# OS: Windows 8.1 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Slunečnice

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Poprosim o nove logy z FRST, vratane logu Addition.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by Jan (administrator) on PC-PENTIUM (24-05-2018 12:05:42)
Running from C:\Users\Jan\Desktop
Loaded Profiles: Jan (Available Profiles: Jan)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\SpeedFan\speedfan.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(TomTom) C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(forum.viry.cz) C:\Users\Jan\Desktop\FRSTLauncher.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSGPlusBTServer64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3643712 2018-05-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [eperjavaapp] => C:\Program Files (x86)\Fiat\ePER\j2sdk1.4.1*injavaw.exe
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-05-22] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46281240 2018-05-21] ()
HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\Run: [TomTom MySports Connect.exe] => C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe [638464 2017-11-02] (TomTom)
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SQLServer.lnk [2018-03-22]
ShortcutTarget: SQLServer.lnk -> C:\CENTURA\dbnt1sv.exe (Centura Software Corporation)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2B2090CB-54B6-49ED-98CB-ED6B8FF71D29}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{2B2090CB-54B6-49ED-98CB-ED6B8FF71D29}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-2886151947-935133992-3361241069-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://adisepo.mfcr.cz/adistc/adis/idpr_epo/epo2/uvod/vstup.faces
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\wmaPYlos.default [2017-03-23]
FF Extension: (Avira Browser Safety) - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\wmaPYlos.default\Extensions\abs@avira.com [2017-03-23]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSearchKeyword: Default -> google.cz_
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default [2018-05-24]
CHR Extension: (Dokumenty) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-25]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-23]
CHR Extension: (Web Developer) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2017-08-19]
CHR Extension: (James White) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2017-03-23]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-23]
CHR Extension: (Avira Browser Safety) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-05-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-23]
CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-09]
CHR Extension: (No Coin - Block miners on the web!) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2018-02-26]
CHR Extension: (FormApps Extension) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-06-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-03-23]
CHR Extension: (Mapy Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-03-23]
CHR Extension: (AirMirror) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\macmgoeeggnlnmpiojbcniblabkdjphe [2017-12-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-09]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-23]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-07]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-05-22]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-05-23]
CHR Extension: (Prezentace) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-31]
CHR Extension: (Dokumenty) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-31]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-02]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-02]
CHR Extension: (Tabulky) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-31]
CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-05-02]
CHR Extension: (Mapy Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-05-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-10]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-07]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-05-22]
CHR Extension: (Prezentace) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-02]
CHR Extension: (Dokumenty) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-02]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-29]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-29]
CHR Extension: (Adobe Acrobat) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-05-17]
CHR Extension: (Tabulky) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-02]
CHR Extension: (Avira Browser Safety) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-05-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-29]
CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-22]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-05-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-22]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-29]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-22]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\System Profile [2018-05-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2886151947-935133992-3361241069-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [879128 2018-05-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [224472 2018-05-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [224472 2018-05-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1165320 2018-05-15] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [451288 2018-05-22] (Avira Operations GmbH & Co. KG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-23] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-23] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-05-21] (Dropbox, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-05-02] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945264 2017-12-05] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusVBus; C:\Windows\System32\drivers\AsusVBus.sys [39704 2017-01-09] (Windows (R) Win 7 DDK provider)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [75576 2017-01-09] (ASUS Corporation)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [60920 2017-06-15] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [179376 2018-05-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [169864 2018-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-21] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-21] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [38048 2017-06-15] (Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [55960 2018-05-09] (REALiX(tm))
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [55960 2018-05-09] (REALiX(tm))
R3 RTL8023x64; C:\Windows\system32\DRIVERS\Rtnic64.sys [51712 2013-06-18] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-24 12:05 - 2018-05-24 12:06 - 000019345 _____ C:\Users\Jan\Desktop\FRST.txt
2018-05-24 01:29 - 2018-05-24 01:30 - 006426063 _____ C:\Users\Jan\Downloads\p95v294b8.win64.zip
2018-05-24 01:28 - 2018-05-24 01:28 - 001798176 _____ (CPUID, Inc. ) C:\Users\Jan\Downloads\cpu-z_1.85-en.exe
2018-05-24 01:28 - 2018-05-24 01:28 - 000000885 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2018-05-24 01:28 - 2018-05-24 01:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2018-05-24 01:28 - 2018-05-24 01:28 - 000000000 ____D C:\Program Files\CPUID
2018-05-23 22:33 - 2018-05-23 22:33 - 004091354 _____ C:\Users\Jan\Downloads\city home invest iii - ucetni zaverka k 31.12.2016.pdf
2018-05-23 21:44 - 2018-05-23 21:45 - 007926207 _____ C:\Users\Jan\Downloads\stejnopis nz 2405 2017.pdf
2018-05-23 21:20 - 2018-05-23 21:20 - 000138252 _____ C:\Users\Jan\Downloads\labtecon - stejnopis.pdf
2018-05-23 20:38 - 2018-05-23 20:38 - 000090315 _____ C:\Users\Jan\Downloads\nove firmy na klic stejnopis.pdf
2018-05-23 20:37 - 2018-05-23 20:37 - 000285326 _____ C:\Users\Jan\Downloads\em_rozvaha_2013.pdf
2018-05-23 20:37 - 2018-05-23 20:37 - 000220540 _____ C:\Users\Jan\Downloads\em_zp_2014.pdf
2018-05-23 20:36 - 2018-05-23 20:36 - 000288027 _____ C:\Users\Jan\Downloads\em_zprava auditora-ucetni zaverka_2014.pdf
2018-05-23 20:32 - 2018-05-23 20:32 - 000372240 _____ C:\Users\Jan\Downloads\vysledovka 2017.pdf
2018-05-23 20:32 - 2018-05-23 20:32 - 000184898 _____ C:\Users\Jan\Downloads\cool_brand_as_rozhodnuti_jedineho_akcionare.pdf
2018-05-23 20:31 - 2018-05-23 20:31 - 000043586 _____ C:\Users\Jan\Downloads\vysledovka_cool_brand_2016.pdf
2018-05-23 19:26 - 2018-05-23 21:25 - 2193991266 _____ C:\Users\Jan\Downloads\Thor.2011.1080p.BluRay.x264.DD5.1.CZ.DABING-YIFY.mkv
2018-05-23 00:33 - 2018-05-23 00:34 - 000000000 ____D C:\AdwCleaner
2018-05-23 00:30 - 2018-05-23 00:30 - 007271632 _____ (Malwarebytes) C:\Users\Jan\Desktop\adwcleaner_7.1.1.exe
2018-05-22 20:26 - 2018-05-22 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-05-22 17:54 - 2018-05-22 17:54 - 015813432 _____ (Piriform Ltd) C:\Users\Jan\Downloads\ccsetup542.exe
2018-05-22 16:03 - 2018-05-22 16:03 - 000112640 _____ (forum.viry.cz) C:\Users\Jan\Desktop\FRSTLauncher.exe
2018-05-21 19:06 - 2018-05-21 19:06 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-05-21 19:06 - 2018-05-21 19:06 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-05-21 19:06 - 2018-05-21 19:06 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-05-21 19:06 - 2018-05-21 19:06 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-05-20 09:59 - 2018-05-20 09:59 - 000065718 _____ C:\Users\Jan\Downloads\posudek_oponent.pdf
2018-05-20 09:59 - 2018-05-20 09:59 - 000065447 _____ C:\Users\Jan\Downloads\posudek_vedouci.pdf
2018-05-17 16:31 - 2018-05-17 16:31 - 000795950 _____ C:\Users\Jan\Downloads\manazerske-ucetnictvi-prednasky-2018.pdf
2018-05-17 09:40 - 2018-05-22 16:19 - 000000000 ____D C:\FRST
2018-05-17 09:36 - 2018-05-17 09:36 - 002413056 _____ (Farbar) C:\Users\Jan\Desktop\FRST64.exe
2018-05-16 18:15 - 2018-05-23 00:37 - 000795652 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-05-16 18:15 - 2018-05-17 09:24 - 001363056 _____ C:\Windows\ZAM.krnl.trace
2018-05-10 18:55 - 2018-05-10 18:55 - 000000000 __SHD C:\found.001
2018-05-09 16:46 - 2018-05-09 16:46 - 000055960 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS
2018-05-09 10:50 - 2018-04-22 11:02 - 000803696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-05-09 10:50 - 2018-04-22 10:06 - 000612600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-05-09 10:50 - 2018-04-22 10:04 - 025744896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-05-09 10:50 - 2018-04-22 09:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-05-09 10:50 - 2018-04-22 09:38 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-05-09 10:50 - 2018-04-22 09:32 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-05-09 10:50 - 2018-04-22 09:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-05-09 10:50 - 2018-04-22 09:26 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-05-09 10:50 - 2018-04-22 09:24 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-05-09 10:50 - 2018-04-22 09:04 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-05-09 10:50 - 2018-04-22 09:00 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-05-09 10:50 - 2018-04-22 08:57 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-05-09 10:50 - 2018-04-22 08:54 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-05-09 10:50 - 2018-04-22 08:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-05-09 10:50 - 2018-04-22 08:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-05-09 10:50 - 2018-04-22 08:49 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-05-09 10:50 - 2018-04-22 08:48 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-05-09 10:50 - 2018-04-22 08:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-05-09 10:50 - 2018-04-22 08:33 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-05-09 10:50 - 2018-04-22 08:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-05-09 10:50 - 2018-04-22 08:31 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-05-09 10:50 - 2018-04-22 08:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-05-09 10:50 - 2018-04-22 08:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-05-09 10:50 - 2018-04-22 08:27 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-05-09 10:50 - 2018-04-22 08:26 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-05-09 10:50 - 2018-04-22 08:26 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-05-09 10:50 - 2018-04-22 08:22 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-05-09 10:50 - 2018-04-22 08:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-05-09 10:50 - 2018-04-22 08:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-05-09 10:50 - 2018-04-22 08:04 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-05-09 10:50 - 2018-04-22 08:03 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-05-09 10:50 - 2018-04-15 18:55 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-05-09 10:50 - 2018-04-15 18:16 - 000536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-05-09 10:50 - 2018-04-11 03:03 - 007406936 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-05-09 10:50 - 2018-04-11 03:02 - 001676056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-05-09 10:50 - 2018-04-11 03:02 - 001536112 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-05-09 10:50 - 2018-04-10 20:51 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-05-09 10:50 - 2018-04-10 20:27 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-05-09 10:50 - 2018-04-10 20:13 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-05-09 10:50 - 2018-04-10 19:01 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-05-09 10:50 - 2018-04-10 18:50 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-05-09 10:50 - 2018-04-07 18:17 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-05-09 10:50 - 2018-04-07 17:49 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-05-09 10:50 - 2018-04-07 17:41 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-05-09 10:50 - 2018-04-07 17:23 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-05-09 10:50 - 2018-04-07 17:20 - 001707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-05-09 10:50 - 2018-04-07 17:10 - 001344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-05-09 10:50 - 2018-04-07 17:06 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-05-09 10:50 - 2018-04-07 17:01 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-05-09 10:50 - 2018-04-06 23:27 - 000376656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2018-05-09 10:50 - 2018-03-24 17:57 - 001101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2018-05-09 10:50 - 2018-03-24 17:40 - 001171456 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2018-05-09 10:50 - 2018-03-24 17:34 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2018-05-09 10:50 - 2018-03-24 17:22 - 001086976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2018-05-09 10:50 - 2018-03-24 16:56 - 007033344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-05-09 10:50 - 2018-03-24 16:54 - 006214144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-05-09 10:50 - 2018-03-22 22:29 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-05-09 10:50 - 2018-03-22 22:29 - 000381440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-05-09 10:50 - 2018-03-16 00:29 - 000136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-05-09 10:50 - 2018-03-10 22:55 - 000137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-05-09 10:50 - 2018-03-10 21:04 - 000120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-05-09 10:50 - 2018-03-10 19:51 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-05-09 10:50 - 2018-03-10 19:50 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-05-09 10:50 - 2018-03-10 19:47 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-05-09 10:50 - 2018-03-10 19:47 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-05-09 10:50 - 2018-03-10 19:43 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-05-09 10:50 - 2018-03-10 18:46 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2018-05-09 10:50 - 2018-03-10 18:44 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-05-09 10:50 - 2018-03-10 18:35 - 000696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2018-05-09 10:50 - 2018-03-10 18:35 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-05-09 10:50 - 2018-03-10 18:33 - 003717632 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-05-09 10:50 - 2018-03-10 18:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-05-09 10:50 - 2018-03-10 18:21 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-05-09 10:50 - 2018-03-10 18:21 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-05-09 10:50 - 2018-03-10 18:20 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-05-09 10:50 - 2018-03-10 18:18 - 000726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-05-09 10:50 - 2018-03-10 18:18 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2018-05-09 10:50 - 2018-03-10 18:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-05-09 10:50 - 2018-03-10 18:18 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-05-09 10:50 - 2018-03-10 18:17 - 002240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-05-09 10:50 - 2018-03-10 18:17 - 000897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-05-09 10:50 - 2018-03-10 02:16 - 001549136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-05-09 10:50 - 2018-03-10 02:16 - 000388440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-05-09 10:50 - 2018-03-09 23:20 - 001737592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-05-09 10:50 - 2018-03-09 23:20 - 001500424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-05-09 10:50 - 2018-03-09 23:20 - 001371344 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-05-09 10:50 - 2018-03-09 23:20 - 000418640 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-05-09 10:50 - 2018-03-09 21:59 - 000121168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2018-05-09 10:50 - 2018-03-09 20:57 - 000276816 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-05-09 10:50 - 2018-03-09 16:52 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-05-09 10:50 - 2018-03-09 16:52 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-05-09 10:50 - 2018-03-09 16:52 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-05-09 10:50 - 2018-03-09 16:52 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-05-09 10:50 - 2018-03-08 21:53 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcivsp.sys
2018-05-09 10:50 - 2018-03-08 20:15 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-05-09 10:50 - 2018-03-08 20:14 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-05-09 10:50 - 2018-03-08 16:21 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-05-09 10:50 - 2018-03-08 01:46 - 000202576 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-05-09 10:50 - 2018-03-08 01:42 - 000174928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-05-09 10:50 - 2018-03-07 21:28 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2018-05-09 10:50 - 2018-03-07 20:26 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-05-09 10:50 - 2018-03-03 19:44 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-05-09 10:50 - 2018-03-03 19:04 - 000252416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-05-09 10:50 - 2018-03-03 18:24 - 001725952 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2018-05-09 10:50 - 2018-03-03 18:18 - 000894976 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2018-05-09 10:50 - 2018-03-03 18:18 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\msdtcuiu.dll
2018-05-09 10:50 - 2018-03-03 18:15 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2018-05-09 10:50 - 2018-03-03 18:04 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2018-05-09 10:50 - 2018-03-03 18:04 - 000265728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcuiu.dll
2018-05-09 10:50 - 2018-02-14 23:45 - 001308336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-05-09 10:50 - 2018-02-14 16:47 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-05-09 10:50 - 2018-02-10 03:29 - 000531632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-05-09 10:50 - 2018-02-10 03:25 - 001137872 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-05-09 10:50 - 2018-02-09 19:21 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-05-09 10:50 - 2018-02-08 20:53 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2018-05-09 10:50 - 2018-02-08 20:22 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2018-05-09 10:50 - 2018-02-08 20:21 - 000826368 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2018-05-09 10:50 - 2018-02-08 20:18 - 000260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2018-05-09 10:50 - 2018-02-08 20:18 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2018-05-09 10:50 - 2018-02-08 20:03 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2018-05-09 10:50 - 2018-02-08 19:49 - 000289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2018-05-09 10:50 - 2018-02-08 19:42 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2018-05-09 10:50 - 2018-02-08 19:42 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2018-05-09 10:50 - 2018-02-08 19:40 - 001096192 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2018-05-09 10:50 - 2018-02-08 19:38 - 000866304 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2018-05-09 10:50 - 2018-02-08 19:27 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2018-05-09 10:50 - 2018-02-08 19:24 - 000199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2018-05-09 10:50 - 2018-02-08 19:03 - 000664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2018-05-09 10:50 - 2018-02-08 19:03 - 000167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2018-05-09 10:50 - 2018-01-25 16:19 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-05-09 10:50 - 2018-01-25 16:14 - 000922944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-04-24 14:06 - 2018-03-16 20:51 - 000144000 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-04-24 14:06 - 2018-03-14 15:23 - 001993728 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-04-24 14:06 - 2018-03-14 15:23 - 001559552 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000656384 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-24 12:05 - 2017-03-23 00:45 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2886151947-935133992-3361241069-1001
2018-05-24 12:03 - 2017-03-23 11:25 - 000000000 ___RD C:\Users\Jan\Disk Google
2018-05-24 12:03 - 2017-03-23 11:08 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2018-05-24 12:03 - 2017-03-23 00:35 - 000000000 ___DO C:\Users\Jan\OneDrive
2018-05-24 12:02 - 2018-03-17 18:13 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2018-05-24 12:00 - 2017-03-23 11:13 - 000000920 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-05-24 11:59 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-05-24 01:55 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-05-24 01:46 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-05-24 01:29 - 2017-03-23 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-05-24 01:29 - 2017-03-23 00:54 - 000000000 ____D C:\ProgramData\Package Cache
2018-05-24 00:24 - 2017-03-23 11:13 - 000000924 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-05-23 22:24 - 2017-03-23 20:33 - 000000000 ____D C:\Users\Jan\AppData\Roaming\vlc
2018-05-23 22:13 - 2017-11-01 22:31 - 000000406 _____ C:\Windows\Tasks\update-sys.job
2018-05-23 21:23 - 2017-11-01 22:31 - 000000406 _____ C:\Windows\Tasks\update-S-1-5-21-2886151947-935133992-3361241069-1001.job
2018-05-23 00:31 - 2018-02-16 12:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
2018-05-23 00:31 - 2018-02-16 12:20 - 000000000 ____D C:\Program Files\Mafia
2018-05-22 23:09 - 2017-09-27 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-05-22 22:21 - 2014-11-21 06:13 - 001739092 _____ C:\Windows\system32\PerfStringBackup.INI
2018-05-22 22:21 - 2014-11-21 05:17 - 000733268 _____ C:\Windows\system32\perfh005.dat
2018-05-22 22:21 - 2014-11-21 05:17 - 000148614 _____ C:\Windows\system32\perfc005.dat
2018-05-22 21:24 - 2017-03-23 00:27 - 000000000 ____D C:\Users\Jan\AppData\Local\Packages
2018-05-22 20:27 - 2017-03-23 11:13 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-05-22 18:40 - 2017-03-23 23:51 - 001082880 ___SH C:\Users\Jan\Desktop\Thumbs.db
2018-05-22 18:24 - 2017-04-12 23:01 - 000000000 ____D C:\Users\Jan\AppData\Roaming\FileZilla
2018-05-22 18:12 - 2018-03-22 21:55 - 000000000 ____D C:\Users\Jan\Desktop\Dokumentace Aconto
2018-05-22 17:55 - 2018-03-18 12:01 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-05-22 17:55 - 2017-03-23 23:20 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-05-19 20:19 - 2017-03-23 11:13 - 000003896 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2018-05-19 20:19 - 2017-03-23 11:13 - 000003660 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2018-05-16 23:00 - 2017-03-23 10:55 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-16 23:00 - 2017-03-23 10:55 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-16 18:19 - 2017-03-23 00:27 - 000000000 ____D C:\Users\Jan
2018-05-16 00:10 - 2017-03-23 10:57 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-15 23:57 - 2017-05-01 14:10 - 000000000 ____D C:\Program Files (x86)\Steam
2018-05-15 12:59 - 2017-03-28 22:50 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-05-15 12:58 - 2018-03-21 17:47 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-15 12:53 - 2017-03-23 11:10 - 000179376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2018-05-15 12:53 - 2017-03-23 11:10 - 000169864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2018-05-12 13:41 - 2017-03-23 23:38 - 000000000 ____D C:\Users\Jan\AppData\Roaming\TeamViewer
2018-05-11 10:41 - 2017-03-23 11:07 - 000001914 _____ C:\Users\Jan\Desktop\FileZilla Client.lnk
2018-05-10 19:00 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-05-09 11:32 - 2013-08-22 16:44 - 005062936 _____ C:\Windows\system32\FNTCACHE.DAT
2018-05-09 11:28 - 2017-05-01 20:20 - 000000000 ____D C:\Windows\system32\appraiser
2018-05-09 11:28 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2018-05-09 11:27 - 2017-03-23 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-05-09 11:25 - 2017-03-24 00:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2018-05-09 11:25 - 2017-03-24 00:05 - 000000000 ____D C:\Program Files\HWiNFO64
2018-05-09 11:12 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-05-09 11:05 - 2017-05-01 19:55 - 000000000 ____D C:\Windows\system32\MRT
2018-05-09 11:05 - 2013-08-22 15:25 - 000000167 _____ C:\Windows\win.ini
2018-05-09 10:59 - 2017-10-26 10:02 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-05-09 10:59 - 2017-05-01 19:54 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-05-08 13:04 - 2017-03-23 11:07 - 000000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2018-05-08 13:04 - 2017-03-23 11:07 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2018-05-01 00:39 - 2017-05-01 20:27 - 000835064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-05-01 00:39 - 2017-05-01 20:27 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2017-04-20 10:13 - 2018-03-25 00:06 - 000000132 _____ () C:\Users\Jan\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2018-02-18 22:04 - 2018-02-18 22:04 - 000007604 _____ () C:\Users\Jan\AppData\Local\Resmon.ResmonCfg
2017-11-01 22:31 - 2017-11-01 22:31 - 000000003 _____ () C:\Users\Jan\AppData\Local\updater.log
2017-11-01 22:31 - 2017-11-01 22:31 - 000000425 _____ () C:\Users\Jan\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
2017-03-23 11:09 - 2018-05-24 12:04 - 000192512 _____ () C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll
2018-05-24 12:04 - 2018-05-24 12:04 - 000158720 _____ () C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2886151947-935133992-3361241069-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jan\Desktop" je 13 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by Jan (24-05-2018 12:07:33)
Running from C:\Users\Jan\Desktop
Windows 8.1 Pro (Update) (X64) (2017-03-22 22:27:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2886151947-935133992-3361241069-500 - Administrator - Disabled)
Guest (S-1-5-21-2886151947-935133992-3361241069-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2886151947-935133992-3361241069-1003 - Limited - Enabled)
Jan (S-1-5-21-2886151947-935133992-3361241069-1001 - Administrator - Enabled) => C:\Users\Jan

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe InDesign CS5.5 (HKLM-x32\...\{857CC5F0-040E-1016-A173-D55ADD80C260}) (Version: 7.5 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.7.17 - ASUS)
Avira (HKLM-x32\...\{B9E9546C-BAD0-43AB-8812-4FC3F8A9547C}) (Version: 1.2.113.25350 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{d2c9315d-82be-4e7a-8d9f-ccbe716c2552}) (Version: 1.2.113.25350 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.36.169 - Avira Operations GmbH & Co. KG)
Backup and Sync from Google (HKLM\...\{C388B258-2CE7-4CA5-8007-9DEF6DF80787}) (Version: 3.42.9747.1898 - Google, Inc.)
Balíček ovladače systému Windows - ASUS Tek. Corporation (ATP) Mouse (07/27/2015 7.0.0.7) (HKLM\...\A877FD5856151D202B724718A4F58CF0089A558C) (Version: 07/27/2015 7.0.0.7 - ASUS Tek. Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.42 - Piriform)
CPUID CPU-Z 1.85 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.85 - CPUID, Inc.)
CrystalDiskInfo 7.5.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.5.0 - Crystal Dew World)
Dropbox (HKLM-x32\...\Dropbox) (Version: 50.4.71 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.75.1 - Dropbox, Inc.) Hidden
ePER (HKLM-x32\...\{BB224962-A37E-4E24-87E2-BD0F47B6A8F5}) (Version: 8.40.0 - Fiat)
FileZilla Client 3.33.0 (HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\FileZilla Client) (Version: 3.33.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HWiNFO64 Version 5.82 (HKLM\...\HWiNFO64_is1) (Version: 5.82 - Martin Malík - REALiX)
JPEG Resampler Vs 5.99.99 (HKLM-x32\...\JPEG Resampler_is1) (Version: - David Macek)
Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA Ovladače grafiky 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Splinter Cell Blacklist (HKLM-x32\...\Uplay Install 91) (Version: - Ubisoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.5640 - TeamViewer)
Tom Clancy's Ghost Recon Future Soldier (HKLM-x32\...\Uplay Install 53) (Version: - Ubisoft)
TomTom Sports Connect (HKLM-x32\...\TomTom Sports Connect) (Version: 3.3.6.0 - TomTom International B.V.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
Update for Skype for Business 2015 (KB4018377) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6E386D81-72D1-4B67-998A-0049FDC17CCD}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4018377) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6E386D81-72D1-4B67-998A-0049FDC17CCD}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4018377) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.PROPLUS_{6E386D81-72D1-4B67-998A-0049FDC17CCD}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 31.1 - Ubisoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2886151947-935133992-3361241069-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll ()
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-21] (Google)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-21] (Google)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-05-15] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-21] (Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-05-15] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2886151947-935133992-3361241069-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2251AD69-B3E3-45EA-A827-6D38B0F26B52} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-23] (Google Inc.)
Task: {2D1D0E6A-C25B-4EF9-BBCA-378B7E030EC9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-23] (Dropbox, Inc.)
Task: {47054ABE-3767-4F60-980B-9DB19862A60C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-23] (Dropbox, Inc.)
Task: {6066BADB-7CA9-4FF9-8784-50BAAC25DB70} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {7BDB5A05-9571-4F57-AF27-BD1B34295535} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-10] (Piriform Ltd)
Task: {93B260A0-95EF-4CCA-BC83-082395DAE781} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {9DA0B48E-2A95-413A-A4A4-F9E959880123} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-10] (Piriform Ltd)
Task: {A25E40F7-B763-4F2E-895E-62117E405AAF} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-05-15] (Avira Operations GmbH & Co. KG)
Task: {A2C7E705-A84F-46B6-A1A9-DD69348A3065} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {A77E5887-F187-4582-B02A-F102615EAB37} - System32\Tasks\Speedfan\speedfan => C:\Program Files (x86)\SpeedFan\speedfan.exe [2016-06-29] ()
Task: {B16ADBBB-9698-4321-9D30-71CD98406A3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-23] (Google Inc.)
Task: {B7285AD9-E5C3-4356-AA19-0F90AA439919} - System32\Tasks\update-S-1-5-21-2886151947-935133992-3361241069-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {C323795A-06E7-46F1-B658-373120637424} - System32\Tasks\{A059A7F0-EA4B-483C-9B6B-08388D4425C6} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Mafia\Setup.exe" -d "C:\Program Files\Mafia"
Task: {D48C66CB-2C68-46E7-BD59-85CD1E2CC709} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {D6C6E5C4-E770-4DD2-9445-B181177AA522} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {DC6DA826-0409-4303-9AF1-C449390B790F} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2017-01-09] (AsusTek)
Task: {E4FB8F64-AC10-4C81-A792-08238C216E91} - System32\Tasks\{FD171F69-C90A-4949-9C17-CE3D70C1EBDD} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Mafia\Game.exe" -d "C:\Program Files\Mafia"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2886151947-935133992-3361241069-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\AirMirror.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=macmgoeeggnlnmpiojbcniblabkdjphe
ShortcutWithArgument: C:\Users\Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\ČAM - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2017-03-23 00:56 - 2016-11-14 13:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-05-02 10:50 - 2017-05-02 10:50 - 000076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2017-03-23 11:04 - 2014-11-02 19:45 - 000029184 _____ () C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2016-06-29 20:01 - 2016-06-29 20:01 - 008166536 _____ () C:\Program Files (x86)\SpeedFan\speedfan.exe
2018-05-21 15:49 - 2018-05-21 15:49 - 046281240 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-05-24 12:01 - 2018-05-24 12:01 - 000113152 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\_ctypes.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000080896 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\bz2.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 001585152 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\_hashlib.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000128512 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32api.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000137728 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\pywintypes27.dll
2018-05-24 12:01 - 2018-05-24 12:01 - 000548864 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\pythoncom27.dll
2018-05-24 12:01 - 2018-05-24 12:01 - 000689664 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\unicodedata.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000438784 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32com.shell.shell.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 001489408 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\wx._core_.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 001007104 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\wx._gdi_.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 001039872 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\wx._windows_.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 001325056 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\wx._controls_.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000916992 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\wx._misc_.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 001084416 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\pysqlite2._sqlite.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000149504 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32file.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000136192 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32security.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000007680 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\hashobjs_ext.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000020992 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\thumbnails_ext.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000118784 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\usb_ext.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000047616 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\_socket.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 002224640 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\_ssl.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000014848 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\common.time34.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000023040 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32event.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000034304 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\windows.conditional.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000020480 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\windows.winwrap.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000110080 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\windows.volumes.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000223232 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32gui.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000173568 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\_elementtree.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000169472 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\pyexpat.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000048128 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32inet.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000103424 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\wx._html2.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000046080 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\_psutil_windows.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000633272 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\windows._cacheinvalidation.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000011776 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32crypt.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000301568 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\PIL._imaging.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000032256 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\_multiprocessing.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 005458944 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\cello.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000026112 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\_yappi.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000044032 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32process.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000027648 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32pipe.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000010752 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\select.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000029696 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32pdh.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000038400 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\windows.connectivity.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000073216 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\windows.device_monitor.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000020480 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32profile.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000026624 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32ts.pyd
2018-05-24 12:04 - 2018-05-24 12:04 - 000158720 _____ () C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll
2017-03-23 11:09 - 2018-05-24 12:04 - 000192512 _____ () C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll
2017-02-22 10:21 - 2017-02-22 10:21 - 000135680 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\quazip5.dll
2018-05-22 20:26 - 2018-05-21 19:06 - 000847688 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-05-22 20:26 - 2018-05-21 19:06 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-05-22 20:26 - 2018-05-21 19:05 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2018-05-22 20:26 - 2018-05-21 19:09 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 001845600 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-05-22 20:26 - 2018-05-21 19:06 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2018-05-22 20:26 - 2018-05-21 19:05 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-05-22 20:26 - 2018-05-21 19:06 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2018-05-22 20:26 - 2018-05-21 19:05 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000114136 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-05-22 20:26 - 2018-05-21 19:09 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000028000 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2018-05-22 20:26 - 2018-05-21 19:09 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-05-22 20:26 - 2018-05-21 19:09 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2018-05-22 20:26 - 2018-05-21 19:09 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-05-22 20:26 - 2018-05-21 19:09 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-05-22 20:26 - 2018-05-21 19:09 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-05-22 20:26 - 2018-05-21 19:09 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2018-05-22 20:26 - 2018-05-21 19:09 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-05-22 20:26 - 2018-05-21 19:06 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-05-22 20:26 - 2018-05-21 19:10 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-05-22 20:26 - 2018-05-21 19:09 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-05-22 20:26 - 2018-05-21 19:08 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-05-22 20:26 - 2018-05-21 19:10 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2886151947-935133992-3361241069-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\sunrise-in-space.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "AdobeCS5.5ServiceManager"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\StartupApproved\StartupFolder: => "SQLServer.lnk"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{2FA84D2F-FBBB-459E-9BAB-8D3BA3C8D7AD}C:\program files (x86)\fiat\eper\j2sdk1.4.1\bin\javaw.exe] => (Allow) C:\program files (x86)\fiat\eper\j2sdk1.4.1\bin\javaw.exe
FirewallRules: [UDP Query User{DB07E041-C20A-4834-A930-C2E2889B0EE1}C:\program files (x86)\fiat\eper\j2sdk1.4.1\bin\javaw.exe] => (Allow) C:\program files (x86)\fiat\eper\j2sdk1.4.1\bin\javaw.exe
FirewallRules: [TCP Query User{19E3FC06-BD56-4293-8774-E0A6BB3D0EFF}C:\users\jan\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jan\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{495187F9-22DA-4AEA-951E-F77E66EBDE30}C:\users\jan\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jan\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{C9449594-53A8-467C-AAFA-46E2489B4E13}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{1F3FE713-F96C-4F1D-AC11-D548123E92AB}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{09EA6ACD-68E5-4567-9660-6575B2DC21CE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{55A1B055-700C-4EC0-AE53-E2555029680B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{E53E0821-EFC5-46FC-AE71-0596A96E4B32}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{7B826130-C1E2-4C50-BE0D-05EE0935F57E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{A12CD407-C788-42A0-B8B8-D9FF7FF5CFDE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{48F4224F-FAAD-4355-AD11-33F05DDCD1F3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{32AD64D1-AE5C-4BE4-9197-0F541B5D1AD1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{658BFA6E-E097-4A66-83C4-8C4B51223BEF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2A76323E-D60C-46A3-BB21-39084324843E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{1A40F233-4C5C-41E7-9B2B-B023A4A52188}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{E40D1575-F9F3-455E-93BC-4BAD9C2D140C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{F9860C9A-5C2F-4B83-AB59-83659F2322DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{1D9FAE91-DB3F-4B79-9F15-D051089D8A29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{DA4BBAA4-AB7B-435F-A987-E193D1A02A61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{9FB597FE-3BF6-4AFE-958C-12782C899BF4}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe
FirewallRules: [{870492DA-E6EB-4293-A5F6-DAFAD787616B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe
FirewallRules: [{9F945E69-CC5A-4E78-8D41-4DD737E20670}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe
FirewallRules: [{85FD2BB7-EB9A-4BA8-A22E-702D486A8463}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe
FirewallRules: [{07F90AE4-9607-4C46-9B81-828A3EC67E82}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5C700166-2D6F-4812-8289-1EABD1BD6083}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0727E96A-3AF4-4000-BD9C-FA523573BE30}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5224DE2F-8BBF-4020-A2C3-8F99505F37B2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6886D6B4-E12F-4A58-A59E-E929B90CA5E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{422266C0-A4A3-4E2C-85EF-B4DBE5EDC25A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6A26CAA9-02E6-4225-B924-E6EC9EB99241}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{139F3FAA-5C85-498B-829D-1889E2C632E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1E712141-6291-47CE-A37A-8300B05552C6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BA2202EC-A90A-4521-94DC-64FC11E028BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{6A33F34B-6F3C-40B0-AC6A-6775150359E4}C:\program files (x86)\ubisoft\ubisoft game launcher\games\splinter cell blacklist\src\system\blacklist_game.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\splinter cell blacklist\src\system\blacklist_game.exe
FirewallRules: [UDP Query User{56F0F22B-0721-41FD-94B2-68A861A057D1}C:\program files (x86)\ubisoft\ubisoft game launcher\games\splinter cell blacklist\src\system\blacklist_game.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\splinter cell blacklist\src\system\blacklist_game.exe
FirewallRules: [TCP Query User{09D1D2C6-5EAB-452C-B238-C4147311B76B}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [UDP Query User{E94F9619-843D-4596-A828-12F380796F9B}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [{991D4013-424C-45CA-900C-87CE74B195E8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{873BB3A7-9163-4391-AF38-8092E136A29B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

10-05-2018 10:24:04 Windows Update
20-05-2018 14:20:13 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/24/2018 12:00:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LogonUI.exe, verze: 6.3.9600.17415, časové razítko: 0x5450541b
Název chybujícího modulu: nvwgf2umx.dll, verze: 21.21.13.4201, časové razítko: 0x58298969
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000030831
ID chybujícího procesu: 0x3b0
Čas spuštění chybující aplikace: 0x01d3f345f28be609
Cesta k chybující aplikaci: C:\Windows\system32\LogonUI.exe
Cesta k chybujícímu modulu: C:\Windows\system32\nvwgf2umx.dll
ID zprávy: 54f1503c-5f39-11e8-8288-000e2ed0142e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/24/2018 11:37:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LogonUI.exe, verze: 6.3.9600.17415, časové razítko: 0x5450541b
Název chybujícího modulu: nvwgf2umx.dll, verze: 21.21.13.4201, časové razítko: 0x58298969
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000030831
ID chybujícího procesu: 0x3ac
Čas spuštění chybující aplikace: 0x01d3f2f15fa37811
Cesta k chybující aplikaci: C:\Windows\system32\LogonUI.exe
Cesta k chybujícímu modulu: C:\Windows\system32\nvwgf2umx.dll
ID zprávy: 03be4cd2-5f36-11e8-8287-000e2ed0142e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/24/2018 01:52:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LogonUI.exe, verze: 6.3.9600.17415, časové razítko: 0x5450541b
Název chybujícího modulu: nvwgf2umx.dll, verze: 21.21.13.4201, časové razítko: 0x58298969
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000030831
ID chybujícího procesu: 0x3ac
Čas spuštění chybující aplikace: 0x01d3f2f10f046e3a
Cesta k chybující aplikaci: C:\Windows\system32\LogonUI.exe
Cesta k chybujícímu modulu: C:\Windows\system32\nvwgf2umx.dll
ID zprávy: 6b97b57d-5ee4-11e8-8286-000e2ed0142e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/24/2018 01:35:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LogonUI.exe, verze: 6.3.9600.17415, časové razítko: 0x5450541b
Název chybujícího modulu: nvwgf2umx.dll, verze: 21.21.13.4201, časové razítko: 0x58298969
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000030831
ID chybujícího procesu: 0x394
Čas spuštění chybující aplikace: 0x01d3f2ee97438551
Cesta k chybující aplikaci: C:\Windows\system32\LogonUI.exe
Cesta k chybujícímu modulu: C:\Windows\system32\nvwgf2umx.dll
ID zprávy: f01f85e8-5ee1-11e8-8285-000e2ed0142e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/23/2018 08:10:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20911 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 11ac

Čas spuštění: 01d3f25b8aab947b

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: 7ea8fc79-5e4f-11e8-8283-000e2ed0142e

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  File: C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll
  File: C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll
  
  HKLM-x32\...\Run: [eperjavaapp] => C:\Program Files (x86)\Fiat\ePER\j2sdk1.4.1*injavaw.exe
  HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\Run: [AdobeBridge] => [X]
  GroupPolicy: Restriction ? <==== ATTENTION
  S3 dbx; system32\DRIVERS\dbx.sys [X]
  S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
  S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
  2018-05-16 18:15 - 2018-05-23 00:37 - 000795652 _____ C:\Windows\ZAM_Guard.krnl.trace
  2018-05-16 18:15 - 2018-05-17 09:24 - 001363056 _____ C:\Windows\ZAM.krnl.trace
  2017-03-23 11:09 - 2018-05-24 12:04 - 000192512 _____ () C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll
  2018-05-24 12:04 - 2018-05-24 12:04 - 000158720 _____ () C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Fix result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by Jan (24-05-2018 18:17:33) Run:1
Running from C:\Users\Jan\Desktop
Loaded Profiles: Jan (Available Profiles: Jan)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll
File: C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll

HKLM-x32\...\Run: [eperjavaapp] => C:\Program Files (x86)\Fiat\ePER\j2sdk1.4.1*injavaw.exe
HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\Run: [AdobeBridge] => [X]
GroupPolicy: Restriction ? <==== ATTENTION
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
2018-05-16 18:15 - 2018-05-23 00:37 - 000795652 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-05-16 18:15 - 2018-05-17 09:24 - 001363056 _____ C:\Windows\ZAM.krnl.trace
2017-03-23 11:09 - 2018-05-24 12:04 - 000192512 _____ () C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll
2018-05-24 12:04 - 2018-05-24 12:04 - 000158720 _____ () C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll ========================

C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll
File not signed
MD5: 7E7EB7AFF595774E5E500B34058CC1A7
Creation and modification date: 2017-03-23 11:09 - 2018-05-24 12:04
Size: 000192512
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/d9c89e6 ... 524118895/

====== End of File: ======


========================= File: C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll ========================

C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll
File not signed
MD5: 51151D3AD8DA0DFA0E7A681AA2FF8870
Creation and modification date: 2018-05-24 12:04 - 2018-05-24 12:04
Size: 000158720
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/1bf07b5 ... 516474691/

====== End of File: ======

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\eperjavaapp" => removed successfully
"HKU\S-1-5-21-2886151947-935133992-3361241069-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\System\CurrentControlSet\Services\dbx" => removed successfully
dbx => service removed successfully
"HKLM\System\CurrentControlSet\Services\ZAM" => removed successfully
ZAM => service removed successfully
"HKLM\System\CurrentControlSet\Services\ZAM_Guard" => removed successfully
ZAM_Guard => service removed successfully
C:\Windows\ZAM_Guard.krnl.trace => moved successfully
C:\Windows\ZAM.krnl.trace => moved successfully
C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll => moved successfully
C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll => moved successfully
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23426047 B
Java, Flash, Steam htmlcache => 96604388 B
Windows/system/drivers => 1733847 B
Edge => 0 B
Chrome => 821527977 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 733 B
LocalService => 100124 B
NetworkService => 0 B
Jan => 176378362 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 24-05-2018 18:21:23)

C:\Windows\System32\Drivers\etc\hosts => Could not move
Could not restore Hosts.

==== End of Fixlog 18:21:23 ====

Ako to vyzera s PC? Nastala nejaka zmena, pripadne su nejake problemy?

PC se je rychlejší a celkově odezva je lepší. Myslím, že máme hotovo. Mnohokrát děkuji za Váš čas, přeji příjemný víkend.

Tak este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"